Cyber Protect
Approved changes feed: RSS · Atom
cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Acronis (d64000ef-8c61-5ba5-86d7-61c680cdcd75) |
|---|---|
| Product | Cyber Protect (1ac31a90-da9c-5f08-8f9b-127a23b1d233) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-28727 |
vulnerable | 2026-06-03 15:18:08.607384 |
Details available
HIGH (7.8)
Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124, Acronis True Image (macOS) before build 42902.
Published: 2026-03-05T23:45:20.331Z
Updated: 2026-04-02T17:05:54.369Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28726 |
vulnerable | 2026-06-03 15:18:08.606650 |
Details available
MEDIUM (4.3)
Sensitive information disclosure due to improper access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:57:23.487Z
Updated: 2026-03-06T19:33:44.772Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28725 |
vulnerable | 2026-06-03 15:18:08.606283 |
Details available
MEDIUM (5.5)
Sensitive information disclosure due to improper configuration of a headless browser. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:56:49.496Z
Updated: 2026-03-06T19:33:51.673Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28724 |
vulnerable | 2026-06-03 15:18:08.605840 |
Details available
MEDIUM (4.3)
Unauthorized data access due to insufficient access control validation. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:55:51.963Z
Updated: 2026-03-06T19:34:04.863Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28723 |
vulnerable | 2026-06-03 15:18:08.605363 |
Details available
MEDIUM (4.3)
Unauthorized report deletion due to insufficient access control. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:55:37.600Z
Updated: 2026-03-09T16:36:46.071Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28722 |
vulnerable | 2026-06-03 15:18:08.604990 |
Details available
HIGH (7.3)
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Published: 2026-03-05T23:55:18.190Z
Updated: 2026-03-09T13:42:05.038Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28721 |
vulnerable | 2026-06-03 15:18:08.604607 |
Details available
HIGH (7.3)
Local privilege escalation due to improper soft link handling. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Published: 2026-03-05T23:55:01.493Z
Updated: 2026-03-09T13:42:36.222Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28720 |
vulnerable | 2026-06-03 15:18:08.604210 |
Details available
MEDIUM (4.3)
Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:54:43.281Z
Updated: 2026-03-09T16:37:05.902Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28719 |
vulnerable | 2026-06-03 15:18:08.603640 |
Details available
MEDIUM (4.3)
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:54:24.475Z
Updated: 2026-03-09T16:37:35.513Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28718 |
vulnerable | 2026-06-03 15:18:08.603171 |
Details available
MEDIUM (5.3)
Denial of service due to insufficient input validation in authentication logging. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:54:05.522Z
Updated: 2026-03-09T16:37:56.483Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28717 |
vulnerable | 2026-06-03 15:18:08.602700 |
Details available
MEDIUM (5)
Local privilege escalation due to improper directory permissions. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Published: 2026-03-05T23:53:46.001Z
Updated: 2026-03-09T13:42:55.003Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28716 |
vulnerable | 2026-06-03 15:18:08.602239 |
Details available
MEDIUM (4.4)
Information disclosure and manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:52:29.601Z
Updated: 2026-03-09T17:06:28.655Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28715 |
vulnerable | 2026-06-03 15:18:08.601842 |
Details available
MEDIUM (6.5)
Sensitive information disclosure due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:52:09.573Z
Updated: 2026-03-09T17:19:34.034Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28714 |
vulnerable | 2026-06-03 15:18:08.601259 |
Details available
MEDIUM (4.8)
Unnecessary transmission of sensitive cryptographic material. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:51:47.409Z
Updated: 2026-03-09T17:19:55.828Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28713 |
vulnerable | 2026-06-03 15:18:08.600898 |
Details available
HIGH (7.1)
Default credentials set for local privileged user in Virtual Appliance. The following products are affected: Acronis Cyber Protect Cloud Agent (VMware) before build 36943, Acronis Cyber Protect 17 (VMware) before build 41186.
Published: 2026-03-05T23:51:30.830Z
Updated: 2026-03-07T04:55:22.751Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28712 |
vulnerable | 2026-06-03 15:18:08.596867 |
Details available
MEDIUM (6.3)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Published: 2026-03-05T23:50:38.746Z
Updated: 2026-03-07T04:55:17.528Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28711 |
vulnerable | 2026-06-03 15:18:08.596479 |
Details available
MEDIUM (6.3)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 17 (Windows) before build 41186.
Published: 2026-03-05T23:50:16.116Z
Updated: 2026-03-07T04:55:19.021Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28710 |
vulnerable | 2026-06-03 15:18:08.596044 |
Details available
HIGH (8.1)
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:48:48.088Z
Updated: 2026-03-07T04:55:20.943Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-28709 |
vulnerable | 2026-06-03 15:18:08.595424 |
Details available
MEDIUM (4.3)
Unauthorized resource manipulation due to improper authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.
Published: 2026-03-05T23:48:07.935Z
Updated: 2026-03-06T19:34:34.657Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-30413 |
vulnerable | 2026-06-03 15:00:28.265792 |
Details available
MEDIUM (4.4)
Credentials are not deleted from Acronis Agent after plan revocation. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 40497, Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186.
Published: 2026-03-05T23:56:29.887Z
Updated: 2026-03-06T19:33:57.793Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-11791 |
vulnerable | 2026-06-03 14:58:43.073163 |
Details available
MEDIUM (5.5)
Sensitive information disclosure and manipulation due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 (Linux, macOS, Windows) before build 41186, Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 41124.
Published: 2026-03-05T23:46:27.697Z
Updated: 2026-03-06T19:34:47.346Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55543 |
vulnerable | 2026-06-03 14:57:42.038854 |
Details available
HIGH (7.3)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:24:26.589Z
Updated: 2025-01-02T17:10:10.488Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55541 |
vulnerable | 2026-06-03 14:57:42.037998 |
Details available
LOW (3.1)
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
Published: 2025-01-02T15:26:55.281Z
Updated: 2025-01-02T16:52:29.222Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-55540 |
vulnerable | 2026-06-03 14:57:42.035301 |
Details available
MEDIUM (6.6)
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
Published: 2025-01-02T15:25:48.887Z
Updated: 2025-01-02T17:09:38.773Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49388 |
vulnerable | 2026-06-03 14:57:12.421898 |
Details available
LOW (3.1)
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:34:24.960Z
Updated: 2024-10-15T12:47:51.115Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49387 |
vulnerable | 2026-06-03 14:57:12.421458 |
Details available
MEDIUM (5.4)
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:34:10.675Z
Updated: 2024-10-15T12:47:32.586Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49384 |
vulnerable | 2026-06-03 14:57:12.413327 |
Details available
LOW (3.5)
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:33:52.655Z
Updated: 2024-10-15T12:47:14.120Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49383 |
vulnerable | 2026-06-03 14:57:12.412686 |
Details available
LOW (3.5)
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:33:14.227Z
Updated: 2024-10-15T12:46:55.089Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-49382 |
vulnerable | 2026-06-03 14:57:12.412036 |
Details available
LOW (3.5)
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
Published: 2024-10-15T10:32:55.845Z
Updated: 2024-10-15T12:46:35.938Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48682 |
vulnerable | 2026-06-03 14:53:19.630751 |
Details available
MEDIUM (6.1)
Stored cross-site scripting (XSS) vulnerability in unit name. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:53:05.091Z
Updated: 2024-08-02T21:37:54.485Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48681 |
vulnerable | 2026-06-03 14:53:19.630403 |
Details available
LOW (1.9)
Self cross-site scripting (XSS) vulnerability in storage nodes search field. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:52:25.743Z
Updated: 2024-08-02T21:37:54.618Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48680 |
vulnerable | 2026-06-03 14:53:19.630030 |
Details available
LOW (3.3)
Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Cyber Protect 16 (macOS, Windows) before build 37391.
Published: 2024-02-27T16:51:19.284Z
Updated: 2024-09-10T15:47:42.813Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48679 |
vulnerable | 2026-06-03 14:53:19.629655 |
Details available
LOW (3.1)
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:45:53.340Z
Updated: 2024-08-02T21:37:54.289Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48678 |
vulnerable | 2026-06-03 14:53:19.629148 |
Details available
MEDIUM (5.5)
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 37391.
Published: 2024-02-27T16:45:00.771Z
Updated: 2024-08-16T19:22:09.595Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44207 |
vulnerable | 2026-06-03 14:53:05.670744 |
Details available
MEDIUM (6.7)
Stored cross-site scripting (XSS) vulnerability in protection plan name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:27.141Z
Updated: 2024-09-23T20:08:36.611Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44206 |
vulnerable | 2026-06-03 14:53:05.670112 |
Details available
HIGH (7.1)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:16.923Z
Updated: 2024-09-23T20:13:38.682Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44205 |
vulnerable | 2026-06-03 14:53:05.665938 |
Details available
LOW (3.5)
Sensitive information disclosure due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:46.915Z
Updated: 2024-09-23T18:06:49.914Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44161 |
vulnerable | 2026-06-03 14:53:05.114093 |
Details available
LOW (3.1)
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:35.358Z
Updated: 2024-09-23T18:07:11.537Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44160 |
vulnerable | 2026-06-03 14:53:05.113591 |
Details available
LOW (3.1)
Sensitive information manipulation due to cross-site request forgery. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:23.677Z
Updated: 2024-08-02T19:59:50.995Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44159 |
vulnerable | 2026-06-03 14:53:05.113055 |
Details available
MEDIUM (5.5)
Sensitive information disclosure due to cleartext storage of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:02:06.679Z
Updated: 2024-09-23T18:06:19.272Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44158 |
vulnerable | 2026-06-03 14:53:05.112541 |
Details available
LOW (3.5)
Sensitive information disclosure due to insufficient token field masking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:12.850Z
Updated: 2024-09-23T18:07:34.572Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44157 |
vulnerable | 2026-06-03 14:53:05.112029 |
Details available
LOW (3.3)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 35979.
Published: 2023-09-27T12:01:02.383Z
Updated: 2024-09-23T18:08:04.787Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44156 |
vulnerable | 2026-06-03 14:53:05.111533 |
Details available
MEDIUM (5.7)
Sensitive information disclosure due to spell-jacking. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:01:56.823Z
Updated: 2024-09-23T18:06:33.949Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44155 |
vulnerable | 2026-06-03 14:53:05.110866 |
Details available
MEDIUM (4.4)
Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:00:50.339Z
Updated: 2024-09-23T18:11:04.492Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44154 |
vulnerable | 2026-06-03 14:53:05.110232 |
Details available
MEDIUM (4.6)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979.
Published: 2023-09-27T12:00:34.428Z
Updated: 2024-09-23T19:26:20.584Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44153 |
vulnerable | 2026-06-03 14:53:05.109628 |
Details available
LOW (2.2)
Sensitive information disclosure due to cleartext storage of sensitive information in memory. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-09-27T12:00:09.210Z
Updated: 2024-09-23T19:26:52.210Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44152 |
vulnerable | 2026-06-03 14:53:05.105459 |
Details available
MEDIUM (6.1)
Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 35979.
Published: 2023-09-27T11:59:56.524Z
Updated: 2024-09-23T18:11:17.766Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45459 |
vulnerable | 2026-06-03 14:48:24.265945 |
Details available
LOW (3.8)
Sensitive information disclosure due to insecure registry permissions. The following products are affected: Acronis Agent (Windows) before build 30025, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:26:22.045Z
Updated: 2025-01-22T16:18:57.514Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45458 |
vulnerable | 2026-06-03 14:48:24.265418 |
Details available
MEDIUM (4.2)
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 29633, Acronis Cyber Protect 15 (Windows, macOS, Linux) before build 30984.
Published: 2023-05-18T09:25:04.232Z
Updated: 2025-01-22T14:43:05.998Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45457 |
vulnerable | 2026-06-03 14:48:24.264902 |
Details available
MEDIUM (4.2)
Sensitive information disclosure and manipulation due to improper certification validation. The following products are affected: Acronis Agent (Windows) before build 29633, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:23:51.453Z
Updated: 2025-01-22T14:43:42.077Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45453 |
vulnerable | 2026-06-03 14:48:24.258786 |
Details available
MEDIUM (5.3)
TLS/SSL weak cipher suites enabled. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
Published: 2023-05-18T09:19:10.914Z
Updated: 2025-01-22T14:45:54.838Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45452 |
vulnerable | 2026-06-03 14:48:24.258324 |
Details available
HIGH (7.3)
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984.
Published: 2023-05-18T09:21:55.932Z
Updated: 2025-01-22T14:44:25.933Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45450 |
vulnerable | 2026-06-03 14:48:24.250007 |
Details available
MEDIUM (5.4)
Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 28610, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build 30984.
Published: 2023-05-18T09:27:38.534Z
Updated: 2025-01-22T16:18:42.210Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-45449 |
vulnerable | 2026-06-03 14:48:24.244427 |
Details available
HIGH (7.7)
Sensitive information disclosure due to excessive privileges assigned to Acronis Agent. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 30984.
Published: 2024-07-16T14:47:21.100Z
Updated: 2024-08-03T14:17:00.910Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30994 |
vulnerable | 2026-06-03 14:47:10.379222 |
Cleartext transmission of sensitive information
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 29240
Published: 2022-05-18T19:41:32.839Z
Updated: 2024-09-17T02:06:03.286Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30993 |
vulnerable | 2026-06-03 14:47:10.378575 |
Cleartext transmission of sensitive information
Cleartext transmission of sensitive information. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:42:02.470Z
Updated: 2024-09-17T04:20:12.370Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30992 |
vulnerable | 2026-06-03 14:47:10.377912 |
Open redirect via user-controlled query parameter
Open redirect via user-controlled query parameter. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:42:45.904Z
Updated: 2024-09-16T19:10:09.912Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30991 |
vulnerable | 2026-06-03 14:47:10.377425 |
HTML injection via report name
HTML injection via report name. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 29240
Published: 2022-05-18T19:43:14.157Z
Updated: 2024-09-17T01:46:35.314Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-30990 |
vulnerable | 2026-06-03 14:47:10.373036 |
Sensitive information disclosure due to insecure folder permissions
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect 15 (Linux) before build 29240, Acronis Agent (Linux) before build 28037
Published: 2022-05-18T19:38:04.964Z
Updated: 2024-09-17T03:49:05.176Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44203 |
vulnerable | 2026-06-03 14:45:35.622764 |
Stored cross-site scripting (XSS) was possible in protection plan details
Stored cross-site scripting (XSS) was possible in protection plan details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:01.156Z
Updated: 2024-09-16T22:45:05.734Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44202 |
vulnerable | 2026-06-03 14:45:35.622337 |
Stored cross-site scripting (XSS) was possible in activity details
Stored cross-site scripting (XSS) was possible in activity details. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:06.652Z
Updated: 2024-09-17T00:35:33.222Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44201 |
vulnerable | 2026-06-03 14:45:35.621885 |
Cross-site scripting (XSS) was possible in notification pop-ups
Cross-site scripting (XSS) was possible in notification pop-ups. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:18:51.474Z
Updated: 2024-09-17T01:36:52.438Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44200 |
vulnerable | 2026-06-03 14:45:35.620032 |
Self cross-site scripting (XSS) was possible on devices page
Self cross-site scripting (XSS) was possible on devices page. The following products are affected: Acronis Cyber Protect 15 (Windows, Linux) before build 28035
Published: 2021-11-29T18:19:18.256Z
Updated: 2024-09-16T22:36:09.882Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44199 |
vulnerable | 2026-06-03 14:45:35.618491 |
DLL hijacking could lead to denial of service
DLL hijacking could lead to denial of service. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035, Acronis Agent (Windows) before build 27305, Acronis Cyber Protect Home Office (Windows) before build 39612
Published: 2021-11-29T18:19:12.590Z
Updated: 2024-09-16T22:20:30.242Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-44198 |
vulnerable | 2026-06-03 14:45:35.613631 |
DLL hijacking could lead to local privilege escalation
DLL hijacking could lead to local privilege escalation. The following products are affected: Acronis Cyber Protect 15 (Windows) before build 28035
Published: 2021-11-29T18:18:56.612Z
Updated: 2024-09-16T20:27:10.015Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38088 |
vulnerable | 2026-06-03 14:45:01.335495 |
Details available
Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking.
Published: 2021-08-12T13:38:10.000Z
Updated: 2024-08-04T01:30:09.083Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38087 |
vulnerable | 2026-06-03 14:45:01.335054 |
Details available
Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009.
Published: 2021-08-12T13:44:09.000Z
Updated: 2024-08-04T01:30:09.015Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-38086 |
vulnerable | 2026-06-03 14:45:01.333365 |
Details available
Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226 allowed local privilege escalation via DLL hijacking.
Published: 2021-08-12T13:42:45.000Z
Updated: 2024-08-04T01:30:09.048Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35664 |
vulnerable | 2026-06-03 14:42:32.149712 |
Details available
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.
Published: 2021-02-22T02:13:33.000Z
Updated: 2024-08-04T17:09:14.593Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35556 |
vulnerable | 2026-06-03 14:42:32.017100 |
Details available
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.
Published: 2021-02-22T02:17:53.000Z
Updated: 2024-08-04T17:09:13.375Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-10138 |
vulnerable | 2026-06-03 14:40:59.358987 |
Details available
HIGH (7.8)
Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis Cyber Backup and Cyber Protect contain a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges.
Published: 2020-10-21T13:40:18.000Z
Updated: 2024-08-04T10:50:57.887Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.